Pac4Mac (Plug And Check for Mac OS X) is a portable Forensics framework
(to launch from USB storage) allowing extraction and analysis session
informations in highlighting the real risks in term of information leak
(history, passwords, technical secrets, business secrets, ...). Pac4Mac
can be used to check security of your Mac OS X system or to help you
during forensics investigation.

Display prospective passwords ?(displaying all found passwords during dump and analysis phases)

[*] Integration of post-intrusion features

Hard Disk/RAM image

System dump to help to analyse compromission

Logs system, syslog, install, firewall, audit?

System usernames?

Names and creation dates of launched agents, daemons, applications?

Scheduled tasks?

Plist of Mac OS X known malwares?

Loaded drivers?

Network connections?

Active Processes?

Used ressources (files, libraries, …)?

Strange files (SUID, important size, …)?

Last dates of WiFI connections

…

Integration of CheckOut4Mac in order to quickly detect recent
malicious activities or if someone attempted or succeeded to get an
access to your Mac let in your hotel room during your dinner or party
(based on USB connections, adding users, attempt to unlock session,
access to emails, modification of files, etc.).